Headline
Red Hat Security Advisory 2024-0880-03
Red Hat Security Advisory 2024-0880-03 - Red Hat OpenShift Serverless 1.31.1 is now available. Issues addressed include denial of service and traversal vulnerabilities.
The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_0880.jsonRed Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness. It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis: Critical: Release of OpenShift Serverless Client kn 1.31.1 security updateAdvisory ID: RHSA-2024:0880-03Product: Red Hat OpenShift ServerlessAdvisory URL: https://access.redhat.com/errata/RHSA-2024:0880Issue date: 2024-02-20Revision: 03CVE Names: CVE-2023-39326====================================================================Summary: Red Hat OpenShift Serverless 1.31.1 is now available.Red Hat Product Security has rated this update as having a security impact ofCritical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Red Hat OpenShift Serverless Client kn 1.31.1 provides a CLI to interact withRed Hat OpenShift Serverless 1.31.1. The kn CLI is delivered as an RPM packagefor installation on RHEL platforms, and as binaries for non-Linux platforms.This release includes security, bug fixes, and enhancements.Security Fix(es):* go-git: Maliciously crafted Git server replies can cause DoS on go-git clients (CVE-2023-49568)* go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients (CVE-2023-49569)* golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (CVE-2023-39326)* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)A Red Hat Security Bulletin, which addresses further details about the RapidReset flaw is available in the References section.For more details about the security issue(s), including the impact, a CVSSscore, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/documentation/en-us/red_hat_openshift_serverless/1.31CVEs:CVE-2023-39326References:https://access.redhat.com/security/updates/classification/#criticalhttps://access.redhat.com/documentation/en-us/red_hat_openshift_serverless/1.31https://bugzilla.redhat.com/show_bug.cgi?id=2253330https://bugzilla.redhat.com/show_bug.cgi?id=2254210https://bugzilla.redhat.com/show_bug.cgi?id=2258143https://bugzilla.redhat.com/show_bug.cgi?id=2258165Related news
Red Hat Security Advisory 2024-4662-03 - Red Hat OpenShift Virtualization release 4.15.3 is now available with updates to packages and images that fix several bugs and add enhancements.
Gentoo Linux Security Advisory 202407-11 - Multiple vulnerabilities have been discovered in PuTTY, the worst of which could lead to compromised keys. Versions greater than or equal to 0.81 are affected.
Red Hat Security Advisory 2024-4118-03 - An update is now available for Red Hat Ceph Storage 5.3. Issues addressed include denial of service and traversal vulnerabilities.
Red Hat Security Advisory 2024-3889-03 - Red Hat OpenShift Container Platform release 4.15.18 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-3868-03 - Network Observability 1.6 for Red Hat OpenShift. Issues addressed include code execution, denial of service, memory exhaustion, and password leak vulnerabilities.
Red Hat Security Advisory 2024-3479-03 - Updated container images are now available for director Operator for Red Hat OpenStack Platform 16.2 for RHEL 8.4. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-2631-03 - An update is now available for Red Hat Ceph Storage 6.1 in the Red Hat Ecosystem Catalog.
Red Hat Security Advisory 2024-1896-03 - Red Hat OpenShift Container Platform release 4.12.56 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and traversal vulnerabilities.
Red Hat Security Advisory 2024-1887-03 - Red Hat OpenShift Container Platform release 4.15.10 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-1812-03 - Custom Metrics Autoscaler Operator for Red Hat OpenShift including security updates. Issues addressed include denial of service and memory leak vulnerabilities.
Red Hat Security Advisory 2024-1570-03 - Updated images are now available for Red Hat Advanced Cluster Security. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-1549-03 - Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes bug and security fixes. Issues addressed include a traversal vulnerability.
Red Hat Security Advisory 2024-1434-03 - Red Hat OpenShift distributed tracing 3.1.1. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-1196-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.
Red Hat Security Advisory 2024-1192-03 - An update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include denial of service and file overwrite vulnerabilities.
Red Hat Security Advisory 2024-1149-03 - An update for skopeo is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-1131-03 - An update for golang is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-1078-03 - An update is now available for Service Telemetry Framework 1.5.4. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-1041-03 - An update for go-toolset-1.19-golang is now available for Red Hat Developer Tools. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-0989-03 - Red Hat Multicluster GlobalHub 1.0.2 General Availability release images, which fix bugs, provide security updates, and update container images. Issues addressed include denial of service and traversal vulnerabilities.
Red Hat Security Advisory 2024-0845-03 - Red Hat OpenShift Container Platform release 4.13.34 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and traversal vulnerabilities.
Red Hat Security Advisory 2024-0832-03 - Red Hat OpenShift Container Platform release 4.12.50 is now available with updates to packages and images that fix several bugs. Issues addressed include denial of service and traversal vulnerabilities.
Red Hat Security Advisory 2024-0887-03 - An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-0843-03 - Red Hat OpenShift Serverless version 1.31.1 is now available. Issues addressed include denial of service and traversal vulnerabilities.
Red Hat Security Advisory 2024-0843-03 - Red Hat OpenShift Serverless version 1.31.1 is now available. Issues addressed include denial of service and traversal vulnerabilities.
Red Hat Security Advisory 2024-0843-03 - Red Hat OpenShift Serverless version 1.31.1 is now available. Issues addressed include denial of service and traversal vulnerabilities.
Red Hat Security Advisory 2024-0820-03 - Red Hat Advanced Cluster Management for Kubernetes 2.8.5 General Availability release images, which provide security updates and fix bugs. Issues addressed include denial of service and traversal vulnerabilities.
Red Hat Security Advisory 2024-0820-03 - Red Hat Advanced Cluster Management for Kubernetes 2.8.5 General Availability release images, which provide security updates and fix bugs. Issues addressed include denial of service and traversal vulnerabilities.
Red Hat Security Advisory 2024-0741-03 - Red Hat OpenShift Container Platform release 4.13.33 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and traversal vulnerabilities.
Red Hat Security Advisory 2024-0741-03 - Red Hat OpenShift Container Platform release 4.13.33 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and traversal vulnerabilities.
Red Hat Security Advisory 2024-0740-03 - Red Hat OpenShift Container Platform release 4.13.33 is now available with updates to packages and images that fix several bugs. Issues addressed include denial of service and traversal vulnerabilities.
Red Hat Security Advisory 2024-0740-03 - Red Hat OpenShift Container Platform release 4.13.33 is now available with updates to packages and images that fix several bugs. Issues addressed include denial of service and traversal vulnerabilities.
Red Hat Security Advisory 2024-0735-03 - Red Hat OpenShift Container Platform release 4.14.12 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and traversal vulnerabilities.
Red Hat Security Advisory 2024-0735-03 - Red Hat OpenShift Container Platform release 4.14.12 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and traversal vulnerabilities.
Red Hat Security Advisory 2024-0789-03 - An update for Red Hat Build of Apache Camel 4.0 for Quarkus 3.2 is now available. Issues addressed include buffer overflow and denial of service vulnerabilities.
Red Hat Security Advisory 2024-0748-03 - An update for the container-tools:4.0 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-0728-03 - Logging Subsystem 5.8.3 - Red Hat OpenShift. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-0729-03 - Red Hat Advanced Cluster Management for Kubernetes 2.7.11 General Availability release images, which provide security updates and fix bugs. Issues addressed include denial of service and traversal vulnerabilities.
Red Hat Security Advisory 2024-0729-03 - Red Hat Advanced Cluster Management for Kubernetes 2.7.11 General Availability release images, which provide security updates and fix bugs. Issues addressed include denial of service and traversal vulnerabilities.
Red Hat Security Advisory 2024-0695-03 - Logging 5.6.16 - Red Hat OpenShift. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-0694-03 - Logging Subsystem 5.7.11 - Red Hat OpenShift. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-0642-03 - An update is now available for Red Hat OpenShift Container Platform 4.14. Issues addressed include denial of service and traversal vulnerabilities.
Red Hat Security Advisory 2024-0642-03 - An update is now available for Red Hat OpenShift Container Platform 4.14. Issues addressed include denial of service and traversal vulnerabilities.
Red Hat Security Advisory 2024-0641-03 - An update is now available for Red Hat OpenShift Container Platform 4.14. Issues addressed include denial of service and traversal vulnerabilities.
Red Hat Security Advisory 2024-0641-03 - An update is now available for Red Hat OpenShift Container Platform 4.14. Issues addressed include denial of service and traversal vulnerabilities.
Red Hat Security Advisory 2024-0628-03 - An update for libssh is now available for Red Hat Enterprise Linux 8.
Red Hat Security Advisory 2024-0530-03 - An update is now available for the Red Hat build of Cryostat 2 on RHEL 8. Issues addressed include a denial of service vulnerability.
Ubuntu Security Notice 6598-1 - Fabian Bäumer, Marcus Brinkmann, Joerg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue.
Red Hat Security Advisory 2024-0298-03 - Red Hat Advanced Cluster Management for Kubernetes 2.9.2 General Availability release images, which provide security updates and fix bugs. Issues addressed include denial of service and traversal vulnerabilities.
Red Hat Security Advisory 2024-0298-03 - Red Hat Advanced Cluster Management for Kubernetes 2.9.2 General Availability release images, which provide security updates and fix bugs. Issues addressed include denial of service and traversal vulnerabilities.
Ubuntu Security Notice 6585-1 - Fabian Bäumer, Marcus Brinkmann, Joerg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue.
Debian Linux Security Advisory 5601-1 - Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol is prone to a prefix truncation attack, known as the "Terrapin attack". This attack allows a MITM attacker to effect a limited break of the integrity of the early encrypted SSH transport protocol by sending extra messages prior to the commencement of encryption, and deleting an equal number of consecutive messages immediately after encryption starts.
Ubuntu Security Notice 6574-1 - Takeshi Kaneko discovered that Go did not properly handle comments and special tags in the script context of html/template module. An attacker could possibly use this issue to inject Javascript code and perform a cross site scripting attack. This issue only affected Go 1.20 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.04. It was discovered that Go did not properly validate the "//go:cgo_" directives during compilation. An attacker could possibly use this issue to inject arbitrary code during compile time.
### Impact A path traversal vulnerability was discovered in go-git versions prior to `v5.11`. This vulnerability allows an attacker to create and amend files across the filesystem. In the worse case scenario, remote code execution could be achieved. Applications are only affected if they are using the [ChrootOS](https://pkg.go.dev/github.com/go-git/go-billy/v5/osfs#ChrootOS), which is the default when using "Plain" versions of Open and Clone funcs (e.g. PlainClone). Applications using [BoundOS](https://pkg.go.dev/github.com/go-git/go-billy/v5/osfs#BoundOS) or in-memory filesystems are not affected by this issue. This is a `go-git` implementation issue and does not affect the upstream `git` cli. ### Patches Users running versions of `go-git` from `v4` and above are recommended to upgrade to `v5.11` in order to mitigate this vulnerability. ### Workarounds In cases where a bump to the latest version of `go-git` is not possible in a timely manner, we recommend limiting its use to only t...
Debian Linux Security Advisory 5591-1 - Several vulnerabilities were discovered in libssh, a tiny C SSH library.
Gentoo Linux Security Advisory 202312-16 - Multiple vulnerabilities have been discovered in libssh, the worst of which could lead to code execution. Versions greater than or equal to 0.10.6 are affected.
### Impact A denial of service (DoS) vulnerability was discovered in go-git versions prior to `v5.11`. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in `go-git` clients. Applications using only the in-memory filesystem supported by `go-git` are not affected by this vulnerability. This is a `go-git` implementation issue and does not affect the upstream `git` cli. ### Patches Users running versions of `go-git` from `v4` and above are recommended to upgrade to `v5.11` in order to mitigate this vulnerability. ### Workarounds In cases where a bump to the latest version of `go-git` is not possible, we recommend limiting its use to only trust-worthy Git servers. ## Credit Thanks to Ionut Lalu for responsibly disclosing this vulnerability to us. ### References - [GHSA-mw99-9chc-xw7r](https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r)
Debian Linux Security Advisory 5588-1 - Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol is prone to a prefix truncation attack, known as the "Terrapin attack". This attack allows a MITM attacker to effect a limited break of the integrity of the early encrypted SSH transport protocol by sending extra messages prior to the commencement of encryption, and deleting an equal number of consecutive messages immediately after encryption starts.
Debian Linux Security Advisory 5586-1 - Several vulnerabilities have been discovered in OpenSSH, an implementation of the SSH protocol suite.
### Summary Russh v0.40.1 and earlier is vulnerable to a novel prefix truncation attack (a.k.a. Terrapin attack), which allows a man-in-the-middle attacker to strip an arbitrary number of messages right after the initial key exchange, breaking SSH extension negotiation (RFC8308) in the process and thus downgrading connection security. ### Mitigations To mitigate this protocol vulnerability, OpenSSH suggested a so-called "strict kex" which alters the SSH handshake to ensure a Man-in-the-Middle attacker cannot introduce unauthenticated messages as well as convey sequence number manipulation across handshakes. Support for strict key exchange has been added to Russh in the patched version. **Warning: To take effect, both the client and server must support this countermeasure.** As a stop-gap measure, peers may also (temporarily) disable the affected algorithms and use unaffected alternatives like AES-GCM instead until patches are available. ### Details The SSH specifications of Ch...
A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of data (up to about 1GiB) when a handler fails to read the entire body of a request. Chunk extensions are a little-used HTTP feature which permit including additional metadata in a request or response body sent using the chunked encoding. The net/http chunked encoding reader discards this metadata. A sender can exploit this by inserting a large metadata segment with each byte transferred. The chunk reader now produces an error if the ratio of real body to encoded bytes grows too small.
Using go get to fetch a module with the ".git" suffix may unexpectedly fallback to the insecure "git://" protocol if the module is unavailable via the secure "https://" and "git+ssh://" protocols, even if GOINSECURE is not set for said module. This only affects users who are not using the module proxy and are fetching modules directly (i.e. GOPROXY=off).